CVE-2026-46300: Fragnesia Linux Kernel Flaw Grants Root via Page Cache Corruption
ID: f48a86da-fd88-5c05-b8e5-1498c4420356
STIX ID: report--f48a86da-fd88-5c05-b8e5-1498c4420356
Feed Name: SOC Prime Blog
Threat Score
CVE-2026-46300 (Fragnesia) is a high-severity Linux kernel local privilege-escalation bug in the XFRM ESP-in-TCP path that lets an unprivileged user corrupt page-cache copies of readable files (example: /usr/bin/su) to achieve root; a public proof-of-concept exists, major distributions issued advisories and patches, and temporary mitigations include blacklisting esp4/esp6/rxrpc and dropping the page cache.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.